The Southern Fried Security Podcast
Join Andy Willingham, Martin Fisher,Steve Ragan, Yvette Johnson, and Joseph Sokoly as they discuss information security, news, and interview interesting people. Get in the discussion at

Episode 199 - Building A Security Strategy - Part II

  1. Recap
    1. Strategy vs Policy
    1. Understand the business of your Business
    2. Know who your stakeholders really are
    3. Capability = (Tech + Service) * Process
    4. Crawl, Walk, Run
    5. It Takes A Village
  2. The Question is “How do I make one?”
    1. Almost no business is in the business of information security
    2. Follow The Money
    3. Understand The Decisioning Process
    4. “Culture Eats Strategy For Breakfast”
    5. Vocabulary Matters
  3. Understand the Business of Your Business
    1. Know the Formal and Informal Org Charts
    2. Influencers are as important as Deciders
    3. Beware the Spoiler
    4. “Culture Eats Strategy For Breakfast”
    5. Don’t Give a Vote or Veto Unnecessarily
  4. Know Who Your Stakeholders Really Are
    1. We will keep discussing this.
    2. Underestimating the power of culture WILL result in your plan faling
    3. That’s a majority of the reason that Strategy Is Hard
  5. Culture Is The Key
Direct download: SFS_Podcast_-_Ep_199.mp3
Category:podcasts -- posted at: 1:23pm EDT